CVE-2012-4070 Information

Description

SQL injection vulnerability in system/src/dispatcher.php in Dir2web 3.0 allows remote attackers to execute arbitrary SQL commands via the oid parameter in a homepage action to index.php.

Reference

http://archives.neohapsis.com/archives/bugtraq/2012-08/0045.html